StackGuard (as used by Immunix), ssp/ProPolice (as used by OpenBSD), and Microsoft’s /GS option use _____ defense against buffer overflow attacks.
A.
Format checking
B.
Hex editing
C.
Non-executing stack
D.
Canary
Explanation:
Canaries or canary words are known values that are placed between a buffer and control data on the stack to monitor buffer overflows. When the buffer overflows, it will clobber the canary, making the overflow evident. This is a reference to the historic practice of using canaries in coal mines, since they would be affected by toxic gases earlier than the miners, thus providing a biological warning system.